package com.apache.security.util;

import java.util.regex.Pattern;

import com.apache.security.SecurityConstant;
import com.apache.tools.StrUtil;

/**
 * 
 *
 */
public class ResponseHeaderSecurityCheck {

	public static String filterCLRF(String value) {
		if (StrUtil.isNull(value)) {
			return value;
		}
		StringBuilder sb = new StringBuilder();
		for (int i = 0; i < value.length(); i++) {
			if (!(value.charAt(i) == '\r' || value.charAt(i) == '\n')) {
				sb.append(value.charAt(i));
			}
		}
		return sb.toString();
	}

	public static boolean checkRedirectValid(String location) {
		if (StrUtil.isNull(location)) {
			return false;
		}
		for (Pattern pattern : SecurityConstant.redirectLocationWhiteList) {
			if (pattern.matcher(location).find()) {
				return true;
			}
		}
		return false;
	}

}
